SmartConnector for Juniper Pulse Secure Access Syslog (Legacy)

0 Likes
Comment List
Anonymous
Parents
  • Does anyone found a solution for this?

    Upgraded the connector to the most latest version (i.e. 7.2.3.7789.0) since the Pulse Secure is officially supported by ArcSight.

    However, the logs are not getting parsed. Device vendor/product still shows as Unix/Unix. Sample entries as follows;

    Device Vendor : Unix

    Device Product : Unix

    Device Process Name : PulseSecure

    Device Custom String1.Module  : PulseSecure

    Name : 2016-07-03 11:32:12 - HostName - [127.0.0.1] System()[] - Removed expired user sessions from mail cache.  Number of cached sessions before cleanup: 0.  Number of sessions after cleanup: 0.

    Please share if any of you got a solution for this. Thanks.

    -Sudesh

Comment
  • Does anyone found a solution for this?

    Upgraded the connector to the most latest version (i.e. 7.2.3.7789.0) since the Pulse Secure is officially supported by ArcSight.

    However, the logs are not getting parsed. Device vendor/product still shows as Unix/Unix. Sample entries as follows;

    Device Vendor : Unix

    Device Product : Unix

    Device Process Name : PulseSecure

    Device Custom String1.Module  : PulseSecure

    Name : 2016-07-03 11:32:12 - HostName - [127.0.0.1] System()[] - Removed expired user sessions from mail cache.  Number of cached sessions before cleanup: 0.  Number of sessions after cleanup: 0.

    Please share if any of you got a solution for this. Thanks.

    -Sudesh

Children
No Data
Related Discussions
Recommended